On 21 May 2020, at 12:49, Charles Sprickman <c...@morefoo.com> wrote:
> I was wondering if greylisting might be a good option here.
It's a matter of how much Nanking you are willing to do and how much legitimate
mail your are willing to lose.
The usual method of greylisting where you tell a server to try again later (4xx
error) will cost you legitimate mail as many senders, including very large
senders, will retry from different servers (google, Amazon). Others, in the
idiotic belief they are being "secure", will never retry. Many of the latter
are banks.
Other forms off greylisting, like slowing the connection rate and making the
transaction take a bit longer than usual are far more effective and less likely
to cause issues with legitimate senders.
Greylosting also really screws up the "authenticate your email right now. No,
right this second. We sent you the code, enter it now in the next ten seconds
or we delete your account and ban your IP" idiocy on the web that, nonetheless,
some of us are forced to deal with. It's impossible to keep up with the list of
domains doing that, especially when most of the verification emails originate
from other servers.
Postscreen, out-of-the-box, works exceptionally well and blocks more spam than
any thing else I've used. Sure, I run SpamAssassin as well, but it sees very
little use.
Add an RBL or two, and it's kind of like magic.
--
Knowledge equals power... --... Power equals energy... People were
stupid, sometimes. They thought the Library was a dangerous place
because of all the magical books, which was true enough, but what
made it really one of the most dangerous places there could ever
be was the simple fact that it was a library. Energy equals
matter... --... Matter equals mass. And mass distorts space. It
distorts it into polyfractal L-Space. --Guards! Guards!
